Oil and gas is a critical infrastructure sector frequently targeted by cyberattacks. Recently, the Colonial Pipeline and the ARA refining hub attacks have led to serious infrastructural compromise, service interruptions, and devastating financial losses. These incidents highlight the risk of a single, overlooked malware infection compromising the operational uptime and integrity of critical systems, and emphasize the need to stop media-borne threats at the point of entry with additional support of secure data transfer methods.
Our customer, an international offshore crude oil and natural gas producer, operates across highly segmented IT and OT environments, making data transfers between secure zones a major operational challenge. As a result, removable media was used when installing software updates, server patches, or configuration files on control systems. With removable media as the primary method to transfer data between the IT and OT secure zones, and data sizes sometimes reaching tens of gigabytes per batch, transferring such large datasets via USB drives or external disks posed a high risk of introducing malware into air-gapped systems.
Ensuring Removable Media Security Across Operational Environments
Since removable media use was a necessity, the company chose MetaDefender Kiosk due to its malware detection capabilities, blocking threats before they reach critical systems. To provide the protection needed for industrial control and OT systems from removable media-borne threats, each deployment site came with different requirements. The company decided to deploy MetaDefender Kiosk Desktop and MetaDefender Kiosk Mobile in multiple locations.
The different demands of each deployment site require continuous collaboration and specific custom implementations to meet its unique needs. With the support of OPSWAT, our customer successfully deployed MetaDefender Kiosk using form factors that met the operational requirements of each location.
To ensure efficient, secure file transfers for the scanned and sanitized data across air-gapped zones, deploying and integrating MetaDefender Managed File Transfer with all MetaDefender Kiosk deployments were ultimately needed. MetaDefender Kiosk’s capability to seamlessly integrate with MetaDefender Managed File Transfer helped the team perform this integration in parallel with the MetaDefender Kiosk deployment, reducing the overall deployment time compared to initial estimates.
We selected OPSWAT and MetaDefender Kiosk for the capabilities and relevance to our needs. This enabled us to have a dedicated architecture to easily manage large data scans with secure file transfers after the integration with MetaDefender Managed File Transfer.
Tim. BCybersecurity Lead
Preventing Known and Unknown Threats at Isolated OT Entry Points
MetaDefender Kiosk, with its ability to scan removable media before clearing them to access critical systems, and MetaDefender Managed File Transfer, with its capability to secure file transfers between isolated zones, are powered by industry-leading OPSWAT technologies.
Metascan Multiscanning, with over 30 anti-malware engines, proactively detects over 99% of malware by using signatures, heuristics, and machine learning, catching threats single-engine AV tools would likely miss.
I can say that the quality of the reports we are getting and the assurance of the multiple engines from a dedicated physical solution made it clearer and more practical for the people involved.
Tim. BCybersecurity Lead
Deep CDR sanitizes and regenerates over 200 file types, preventing unknown file-borne threats while maintaining the files’ full functionality. This preventive approach enhanced the company's cyber defenses by neutralizing potential file threats before they reached isolated OT networks, significantly reducing the risk of zero-day exploits.
With the proactive detection capabilities of MetaDefender Kiosk at the core of this integrated, multi-layered deployment, the cybersecurity team ruled out using endpoint scanning workflows. The flexibility, customization, and continuous collaboration with OPSWAT experts during and after deployment ensured that every location had what it needed to secure its file transfer operations. MetaDefender Kiosk, deployed with MetaDefender Managed File Transfer, helped strengthen the defense-in-depth strategy while helping maintain compliance with industry cybersecurity standards, such as ISA/IEC 62443.
The deployment enabled the company's cybersecurity specialists to create a streamlined workflow to scan and sanitize files and safely transfer clean data between isolated environments. The solutions’ intuitive user interfaces simplified the development of a training program for field operators. Specifically, the integration with MetaDefender Managed File Transfer received positive feedback from operators since it significantly reduced manual intervention and human error.
I would like to highlight the quality and the dedication of the team that helped us overcome the difficulties of our implementation. They also helped us ensure that Managed File Transfers are working efficiently with each Kiosk deployment.
Tim. BCybersecurity Lead
From Implementation to Impact
With the successful deployment of MetaDefender Kiosk and MetaDefender Managed File Transfer, our customer continues to work with OPSWAT experts to maintain and strengthen their security posture.
The company's cybersecurity experts emphasized the importance of the human factor in a cybersecurity plan. So, improving the awareness and readiness of the IT staff and field operators with a leading training resource like OPSWAT Academy is currently under consideration to boost and maintain the company's cybersecurity readiness.
OPSWAT’s integrated solutions protect sensitive IT and OT assets from cyberattacks and ensure operational continuity and aid regulatory compliance. To learn more about OPSWAT solutions and how they can secure your critical infrastructure networks, get in touch with an expert today.
